smtp server with ssl
- Thread starter Zagorax
- Start date
Really??
So, please, help me to discover why it doesn't work on my system.
I have a centos 5.5 system with directadmin. I disabled all iptables rules.
I'm using evolution as client. Enabling SSL encryption it can't connect to the server, while with TLS i get "TLS currently unavailable".
Thank you
So, please, help me to discover why it doesn't work on my system.
I have a centos 5.5 system with directadmin. I disabled all iptables rules.
I'm using evolution as client. Enabling SSL encryption it can't connect to the server, while with TLS i get "TLS currently unavailable".
Thank you
scsi
Verified User
- Joined
- Aug 19, 2008
- Messages
- 4,531
Either your exim wasnt compiled for openssl or your /etc/exim.conf doesnt support it.
http://help.directadmin.com/item.php?id=51
http://help.directadmin.com/item.php?id=125
http://help.directadmin.com/item.php?id=51
http://help.directadmin.com/item.php?id=125
nobaloney
NoBaloney Internet Svcs - In Memoriam †
@scsi:
As a test of your lastest reply to this thread, I installed exim exactly as you write above using those two DirectAdmin Knowledgebase links. I get the same error as did Zagorax.
Jeff
As a test of your lastest reply to this thread, I installed exim exactly as you write above using those two DirectAdmin Knowledgebase links. I get the same error as did Zagorax.
Jeff
scsi
Verified User
- Joined
- Aug 19, 2008
- Messages
- 4,531
Does http://files.directadmin.com/services/exim.conf support openssl then?
# SpamBlocker.exim.conf.2.1.1-release #
# 05-Jun-2007 #
# Runtime configuration file for DirectAdmin/Exim 4.24 and above #
# Requires exim.pl dated 20-Apr-2007 17:09 or later #
Your the one out of anyone who should know why it doesnt work.
# SpamBlocker.exim.conf.2.1.1-release #
# 05-Jun-2007 #
# Runtime configuration file for DirectAdmin/Exim 4.24 and above #
# Requires exim.pl dated 20-Apr-2007 17:09 or later #
Your the one out of anyone who should know why it doesnt work.
nobaloney
NoBaloney Internet Svcs - In Memoriam †
I've never put anything into the exim.conf file distributions to have them support openssl; I wouldn't even know what to put into the file. I don't even know if it's done at the exim.conf level. I thought you knew, and that's why you posted.
I've always said that we support only plain-text authentication.
Jeff
I've always said that we support only plain-text authentication.
Jeff
Hi,
I found this in log:
2011-01-28 10:37:00 TLS error on connection from localhost (openssl.client.net) [127.0.0.1] (SSL_CTX_use_PrivateKey_file file=/etc/exim.key): error:0200100D:system library:fopen
ermission denied
And this is permission for that file:
rw------- 1 root root 891 Dec 13 09:25 exim.key
Isn't root the user that run exim?
Thank you
I found this in log:
2011-01-28 10:37:00 TLS error on connection from localhost (openssl.client.net) [127.0.0.1] (SSL_CTX_use_PrivateKey_file file=/etc/exim.key): error:0200100D:system library:fopen
ermission deniedAnd this is permission for that file:
rw------- 1 root root 891 Dec 13 09:25 exim.key
Isn't root the user that run exim?
Thank you
scsi
Verified User
- Joined
- Aug 19, 2008
- Messages
- 4,531
Oh yeah I have seen threads about wrong permissions with some exim files.
chown mail:mail /etc/exim.key
/etc/init.d/exim restart
Edit:
I did notice on my system though that my /etc/exim.key is chmod 755 for some reason.
-rwxr-xr-x 1 root root 952 Apr 22 2007 /etc/exim.cert
-rwxr-xr-x 1 root root 22K Jan 14 20:16 /etc/exim.conf
-rwxr-xr-x 1 root root 891 Apr 22 2007 /etc/exim.key
-rwxr-xr-x 1 root root 6.6K Aug 9 18:59 /etc/exim.pl
So I am guessing the mail user needs read access to that file.
I am wondering if my permissions are right or not.
Cant it all be owned by mail:mail and chmod 700 ?
Does anyone else know?
If anyone has any different permissions on these files show what they are ... I kinda wanna know if my server is wrong too.
chown mail:mail /etc/exim.key
/etc/init.d/exim restart
Edit:
I did notice on my system though that my /etc/exim.key is chmod 755 for some reason.
-rwxr-xr-x 1 root root 952 Apr 22 2007 /etc/exim.cert
-rwxr-xr-x 1 root root 22K Jan 14 20:16 /etc/exim.conf
-rwxr-xr-x 1 root root 891 Apr 22 2007 /etc/exim.key
-rwxr-xr-x 1 root root 6.6K Aug 9 18:59 /etc/exim.pl
So I am guessing the mail user needs read access to that file.
I am wondering if my permissions are right or not.
Cant it all be owned by mail:mail and chmod 700 ?
Does anyone else know?
If anyone has any different permissions on these files show what they are ... I kinda wanna know if my server is wrong too.
Last edited:
zEitEr
Super Moderator
I've got
and that's ok for me.
Code:
-rw-r--r-- 1 root root 952 May 1 2008 /etc/exim.cert
-rw-r----- 1 root root 50980 Jan 11 13:58 /etc/exim.conf
-rw------- 1 mail mail 887 May 1 2008 /etc/exim.key
-rwxr-xr-x 1 root root 6726 Dec 12 14:45 /etc/exim.pland that's ok for me.
Well, so it's mail user the one that run exim. Thank you.
I think that your permission are wrong. I never seen a private key that need to be word readable.
Mt permission are 755 for all of them but for the exim.key file. It has 600.
So... I did this and it works:
cd /etc
chown root:mail exim.key
chmod 640 exim.key
Problem solved.
I think that your permission are wrong. I never seen a private key that need to be word readable.
Mt permission are 755 for all of them but for the exim.key file. It has 600.
So... I did this and it works:
cd /etc
chown root:mail exim.key
chmod 640 exim.key
Problem solved.
zEitEr
Super Moderator
But I'm sure, permissions can be lowered for exim.cert and exim.pl.
What does exim.pl do?
zEitEr
Super Moderator
It's used by exim
You'd better look into it, and everything will become clear.
Auth, limits, etc
You'd better look into it, and everything will become clear.
Auth, limits, etc
